During the course of our investigative work, Fortalice has observed an increasing and alarming trend: personal email compromise is leading to business email compromise. Threat actors will leverage weaknesses regarding executives’ or board members’ personal cybersecurity hygiene to gain access to their business accounts. Extortion also remains a top cybersecurity threat, with organized criminals overseas routinely targeting corporations and the people who support them.
Silicon Valley Bank (SVB) was shuttered early this month and had its deposits seized in the largest U.S. bank failure since the 2008 financial crisis. Although it may seem like SVB’s collapse will only impact its direct customers and depositors, it is far more complicated. Like vultures to roadkill, cyber scammers often wait to exploit and target victims after tragedy strikes, or bad news arises. A perfect storm of stress, uncertainty, and urgency for customers and vendors alike during this time can impair someone’s judgement when they click links and open emails they otherwise would ignore or delete. Fortalice has outlined a few different ways cybercriminals social engineer their victims during times of extreme distress and insecurity.
With this Fortalice Solutions' Client Advisory, we hope to provide important takeaways for organizations regarding the usage of conversational ChatGPT, and other, lesser-known AI platforms. While there are some very tangible benefits to ChatGPT, Fortalice believes strongly that there is a need for risk assessments, updated policies, and processes to protect intellectual property and company-sensitive information.
In a matter of months, public companies will have several new rules to follow with respect to cybersecurity incident reporting. The Securities and Exchange Commission (SEC) proposed rules changes focus on ensuring the availability and comparability of public company disclosures across industries.
Fortalice Solutions has partnered as a Data Privacy Champion. With the goal of increased awareness about online privacy among individuals and organizations, one goal of Data Privacy Week is to help organizations understand why it is important that they respect the data of their users, employees and suppliers.
T-Mobile announced on January 19 that it was reviewing a November 2022 data breach, potentially impacting 37 million accounts through one of its APIs. This advisory is intended to help our clients understand the urgent need to understand and review their API security, while also summarizing recent T-Mobile breaches.
Annually, there are more than 55,000 electrical substations attacks in the United States. Recently, a targeted attack on two power substations in North Carolina knocked out power to more that 45,000 Moore County residents for nearly a week. The attack on critical infrastructure that darkened the Southern Pines area of North Carolina, is just the latest in a series of similar attacks stretching from Oregon to Florida. More ominously, it’s a threat that many experts believe is only getting bigger.
LastPass, a popular password management tool, enables its customers to store all their usernames and passwords for online accounts. LastPass disclosed that, as part of its investigation into an August breach, it had uncovered evidence that threat actors had successfully accessed unencrypted portions of LastPass customers’ vaults
The holiday shopping season is here. BUYER BEWARE – FRAUD LIES AHEAD! Cybercriminals and fraudsters have upped their game to trick even the cyber-savviest of online shoppers
Retailers are trying to understand why some customers abandon their online shopping carts before pressing “proceed to checkout” or “place your order.” To solve these riddles, retailers are increasingly turning to web tracking services and fine-tuning their targeting efforts. Organizations need to be aware of the ramifications of how they are using internet trackers.
Buyer beware: Scammers have set up shop on Facebook. Here's how to avoid falling victim to some common Facebook Marketplace scams.
There are many facets to preparing your organization for a major cyber incident. Incident response playbooks, proper network hardening, and multiple levels of employee cyber hygiene training are par for the course. In theory, these solutions should ensure you’re ready for any cyber threat. But how can you be sure all of that will pay off when you’re faced with a real-world scenario? Enter, tabletop exercises.
For a newly minted chief information security officer (CISO), the first 90 days are a time of both peril and possibility. If CISOs move too fast or push too hard, they risk alienating the organization. Move too slowly and new CISOs risk squandering their momentum and honeymoon period. Experienced CISOs tell Endpoint how they navigated their first few months on the job. Here’s how to navigate your new role.
Fortalice Solutions is proud to announce it has signed on as Champion for Cybersecurity Awareness Month 2022. At Fortalice Solutions, we believe preparation is the best strategy to protect organizations from cyber threats and crime. We transform a reactive security model into a proactive, results-based model of protection. Fortalice Solutions, led by the first woman to serve as White House Chief Information Officer, Theresa Payton, is comprised of passionate practitioners who provide organizations with clarity of priority, approach, and security design.
Fortalice Solutions CEO and Founder, Theresa Payton has announced the promotion of Bridget O’Connor and Melissa O’Leary to the position of Partner of Fortalice Solutions.
Fortalice CEO & Founder Theresa Payton discusses the Fortalice difference and her new book, Manipulated Inside the Cyberwar to Hijack Elections and Distort the Truth.